package cn.tedu;

import java.sql.*;
import java.util.HashMap;
import java.util.Map;
import java.util.Scanner;

public class Demo07 {
    public static void main(String[] args) {
        //新建键盘输入
        Scanner scanner = new Scanner(System.in);
        System.out.println("请输入用户名");
        String username = scanner.nextLine();
        System.out.println("请输入密码");
        String password = scanner.nextLine();
        //判断输入不能为空
        if (username == null || password == null) {
            System.out.println("输入错误");
            return;
        }
        //获取连接
        try (
                Connection conn = DBUtils.getConn();
        ) {
//            Statement s = conn.createStatement();
//            String sql = "select count(*) from user where username = '"+username+"' and password = '"+password+"'";
//            //执行查询
//            ResultSet rs = s.executeQuery(sql);
            //通过预编译效果的对象 解决SQL注入的问题
            String sql = "select count(*) from user where username=? and password=?";
            PreparedStatement ps = conn.prepareStatement(sql);
            //替换掉SQL语句中的？
            ps.setString(1,username);
            ps.setString(2,password);
            ResultSet rs = ps.executeQuery(); //执行查询
            //游标向下移动
            rs.next();
            //取出结果集中 查询到的count(*)
            int count = rs.getInt(1);
            if (count > 0) {
                System.out.println("登录成功");
            }else {
                System.out.println("用户名或密码错误");
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}
